Skip to main content
Menu Icon

InfoBytes Blog

Financial Services Law Insights and Observations


Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • SEC files brief in its Supreme Court appeal to reverse 5th Circuit ruling against use of adjudication powers and ALJs


    On August 28, the SEC filed a brief in its appeal to the U.S. Supreme Court to reverse the decision of the U.S. Court of Appeals for the Fifth Circuit’s 2022 ruling that the commission’s in-house adjudication is unconstitutional. As previously covered by InfoBytes, the 5th Circuit held that the SEC’s in-house adjudication of a petitioners’ case violated their Seventh Amendment right to a jury trial and relied on unconstitutionally delegated legislative power. The brief argues that securities laws are “distinct from common law because they authorize the government to seek civil penalties even if no private person has yet suffered harm from the defendant’s violation (and therefore no person could obtain damages).” Moreover, the SEC argues that the Court has continually upheld the right of an agency to decide whether to enter an enforcement action through the civil or criminal process. The SEC referenced the 1985 Heckler v. Chaney case, which set the precedent that there is no constitutional difference between the power to decide whether to pursue an enforcement action and where to pursue an enforcement action, as they are both executive powers, supporting the claim that there is “a long and unbroken line of decisions that have relied on the public-rights doctrine in upholding such statutory schemes against Article III and Seventh Amendment challenges.” The SEC also reminded the Court that when it enforces securities laws through an administrative enforcement proceeding with a result that is not in favor of the respondent, the respondent may obtain a judicial review through the court of appeals. Finally, the commission contends that the 5th Circuit erred when it held that statutory removal restrictions for ALJs are unconstitutional, and that Congress has “acted permissibly in requiring agencies to establish cause for their removal of ALJs.”

    Courts Securities SEC U.S. Supreme Court Fifth Circuit ALJ Constitution Securities Act Securities Exchange Act Enforcement

  • SEC conducts its first-ever NFT enforcement again


    On August 28, the SEC entered an order against a Los Angeles-based media and entertainment company charging them with conducting an unregistered offering of crypto asset securities in the form of non-fungible tokens (NFTs).  According to the order, the company offered and sold different tiers of NFTs to hundreds of investors between October and December of 2021, and ultimately raised approximately $30 million from the sales. The SEC alleged that the company encouraged potential investors to purchase the unregistered NFTs in return for an investment in the business, promising “tremendous value” to the purchasers if the company was successful in its attempts to “build the next Disney” and launch other creative projects. The order found that the NFTs were ultimately investment contracts and therefore securities, and that the company subsequently violated federal securities laws by offering and selling crypto assets in an unregistered securities offering that was not otherwise exempt from registration requirements.

    The SEC noted that all securities, in whatever form, are required to be registered and that when companies fail to register securities, “investors of all types are deprived of the protections afforded them by the robust disclosures and other safeguards long provided by our securities laws.”  The company did not admit or deny the findings set forth in the order but agreed to cease-and-desist from violating registration provisions of the 1933 Act and pay a combined penalty of over $6.1 million in fees. The order also establishes a “Fair Fund” to return money to investors who paid to purchase NFTs.

    On the same day, the SEC released a statement from Republican commissioners, Hester M. Peirce and Mark T. Uyeda, underscoring the significance of the commission’s first NFT enforcement action. “People are experimenting with a lot of different uses of NFTs,” said the commissioners in their partial dissents. “Consequently, any attempt to use this enforcement action as precedent is fraught with difficulty.” The commissioners further criticized the SEC’s failure to provide guidance on NFTs when they first started proliferating and raised several questions.


    Fintech Securities SEC Enforcement Cryptocurrency NFT Digital Assets

  • SEC awards whistleblower more than $18 million


    On August 25, the SEC announced a whistleblower award of $18 million to a whistleblower who provided new information and assistance that led to a successful SEC enforcement action. According to the redacted order, the whistleblower provided additional helpful information and substantial, continuing assistance that helped the SEC staff saved f time and resources during the investigation. In the same order, the Commission affirmed the denial of a second claimant’s award claims after claimant 2 argued that they were the source of the original information that led to the opening of the investigation. The SEC determined that they had insufficient evidence to support their claims and that the Commission’s staff used claimant 1’s information, not claimant 2’s. Moreover, the claimant 2 did not satisfy “Rule 21F-4(c)(3), as Claimant 2 did not submit information to the Commission within 120 days of reporting it to the Company. Claimant 2 submitted information to the Commission after the Covered Action was filed and settled.”

    Securities SEC Whistleblower Investigations Enforcement

  • SEC charges broker-dealer with failure to file suspicious activity reports


    On August 29, the SEC announced that it had brought charges against a Chicago-based broker-dealer. The SEC alleged that between August 2012 and September 2020 the broker-dealer failed to file over 400 hundred legally required suspicious financial transaction reports related to over-the-counter securities transactions executed in the broker-dealer’s alternative trading system (ATS). According to the SEC’s order, it was found that the broker-dealer did not establish an anti-money laundering surveillance program until September 2020, despite having thousands of high-risk microcap and penny stock securities transactions executed daily on its ATS.

    Daniel R. Gregus, Director of the SEC’s Chicago Regional Office, stated, “All SEC-registered broker-dealers have the responsibility to comply with the requirements of the Bank Secrecy Act, including the obligation to file SARs.”

    Without admitting or denying that it violated Section 17(a) of the Securities Exchange Act and Rule 17a-8, the broker-dealer agreed to a censure and a cease-and-desist order, along with a $1.5 million penalty.


    Securities Federal Issues SEC Broker-Dealer Enforcement Recordkeeping SARs Cease and Desist

  • SEC charges fintech investment adviser for misleading advertising


    On August 21, the SEC announced charges against a New York-based fintech investment adviser for using hypothetical performance metrics in misleading advertisements, compliance failures that led to misleading disclosures, and failure to adopt policies concerning crypto asset trading by employees, among other things. These charges mark the first violation of the SEC’s amended marketing rule.

    According to the order, the fintech investment adviser made misleading statements on its website by failing to include material information, and without having adopted and implemented required policies and procedures under the SEC’s marketing rule. The SEC also found that the company made conflicting disclosures regarding crypto assets custody and failed to adopt policies related to employee personal trading in crypto assets. 

    The company consented to the order finding that it violated the Advisers Act and without admitting or denying the SEC’s findings, entered into a cease-and-desist order, a censure, and agreed to pay $192,454 in disgorgement, prejudgment interest and an $850,000 civil penalty that will be distributed to affected clients.

    Securities Fintech Enforcement SEC Disclosures Cryptocurrency Cease and Desist

  • SEC awards whistleblowers more than $104 million


    On August 4, the SEC announced awards totaling more than $104 million to seven whistleblowers whose information and assistance led to a successful SEC enforcement action, as well as two related actions brought by another agency. According to the Press Release, “the seven whistleblowers were composed of two sets of joint claimants and three single claimants, and each provided information that either prompted the opening of or significantly contributed to an SEC investigation.” The seven claimants contributed assistance including providing documentation to support the allegations, identifying potential witnesses, and sitting for interviews. According to the redacted order, Claimants 1 and 2, both foreign nationals, provided information that in part caused the SEC to open the investigation that led to the charges. The whistleblowers also provided substantial ongoing assistance, including providing multiple written submissions, communications, and interviews, the SEC said, finding also that the whistleblower satisfied the requirements under Rules 21-F-3(b) for related actions awards as the related successful enforcement actions were partly based on the same information provided to the Commission. However, in the same order, the SEC affirmed the denial of two other claimants’ award claims after determining, among other things, that the individuals did not submit information leading to the successful enforcement of the covered action.

    Securities SEC Enforcement Whistleblower Investigations

  • SEC charges companies, founder for operating an unregistered exchange


    On July 31, the SEC filed a complaint in the U.S. District Court for the Eastern District of New York against three cryptocurrency trading platforms and their founder for allegedly conducting unregistered offerings of crypto asset securities that raised more than $1 billion in crypto assets from investors. The SEC also claimed that the founder and one of the platforms fraudulently misappropriated at least $12 million of offering proceeds to purchase luxury goods including sports cars, watches, and diamonds.

    According to the SEC’s complaint, as early as 2018 the defendants began marketing what they claimed to be the first high-yield “blockchain certificate of deposit,” and promoting tokens as an investment designed to make people “rich.” It is further alleged that from at least December 2019 through November 2020, the defendants offered and sold tokens in an unregistered offering and collected more than 2.3 million cryptocurrency units through “recycling” transactions that enabled the defendants to surreptitiously gain control of more tokens.

    The complaint seeks injunctive relief, disgorgement of ill-gotten gains plus prejudgment interest, penalties, and other equitable relief.

    Securities Digital Assets SEC Enforcement Cryptocurrency

  • ETF, founder to pay SEC $4.4M for misleading trustees


    On August 1, the SEC settled for $4.4 million with an investment adviser and entities he founded (collectively, the “respondents”) on charges that they breached both their duty of care and duty of loyalty to their client, an exchange traded fund (ETF), in violation of the Investment Advisers Act and the Investment Company Act. As alleged in the settlement, the respondents needed funds to settle a substantial private litigation judgment, and to secure the funds to do so, committed to keep the client’s security lending business with the company providing the financing to the respondents. However, there were better offers on better terms from other securities lenders that could have provided millions more in revenue to the client, and the respondents did not disclose this information to their client or to the client’s independent trustees. In addition to the civil penalties, without admitting or denying the findings, respondents agreed to various non-monetary penalties, including cease-and-desist orders, an associational bar for the investment adviser and censures for the respondent entities.

    Securities Courts SEC Enforcement Digital Assets Cryptocurrency

  • SEC proposes rules for addressing conflicts of interest raised by predictive data analytics

    Agency Rule-Making & Guidance

    On July 26, the SEC issued proposed rules under the Securities Exchange Act of 1924 and the Investment Advisors Act of 1940 to address certain conflicts of interest associated with the use of predictive data analytics, including artificial intelligence (AI) and similar technologies, “that optimize for, predict, guide, forecast, or direct investment-related behaviors or outcomes.” The SEC explained that broker-dealers and investment advisors (collectively, “firms”) are increasingly using AI to improve efficiency and returns but cautioned that, due to the scalability of these technologies and the potential for firms to quickly reach a large audience, any resulting conflicts of interest could result in harm to investors that is more pronounced and on a broader scale than previously possible.

    Based on existing legal standards, the proposed rules generally would require a firm to identify and eliminate, or neutralize, the effects of conflicts of interest that result in the firm’s (or associated persons) interests being placed ahead of investors’ interests. Firms, however, would be permitted to employ tools that they believe would address such risks and that are specific to the particular technology being used. Firms that use covered technology for investor interactions would also be required to have written policies and procedures in place to ensure compliance with the proposed rules, the SEC said. These policies and procedures must include a process for evaluating the use of covered technology in investor interactions and addressing any conflicts of interest that may arise. Firms must also maintain books and records related to these requirements. Comments on the proposed rules are due 60 days after publication in the Federal Register.

    Agency Rule-Making & Guidance Federal Issues Securities SEC Third-Party Risk Management Artificial Intelligence Securities Exchange Act Investment Advisers Act

  • SEC adopts breach-reporting rules, establishes requirements for cybersecurity risk management

    Agency Rule-Making & Guidance

    On July 26, a divided SEC adopted a final rule outlining disclosure requirements for publicly traded companies in the event of a material cybersecurity incident. The final rule (proposed last year and covered by InfoBytes here) also requires companies to periodically disclose their cybersecurity risk management processes and establishes requirements for how cybersecurity disclosures must be presented. The final rule requires that material cybersecurity incidents be disclosed within four days from the time a company determines the incident was material (a disclosure may be delayed should the U.S. attorney general notify the SEC in writing that immediate disclosure poses a substantial risk to national security or public safety). Companies must also identify material aspects of the incident’s nature, scope, and timing, as well as its impact or reasonably likely impact on the company, and are required to describe their board’s and management’s oversight of risks from cybersecurity threats and previous cybersecurity incidents. These disclosures will be required in a company’s annual report. The final rule will also mandate foreign private issuers to provide comparable disclosures on forms related to material cybersecurity incidents and risk management, strategy, and governance.

    The final rule is effective 30 days following publication of the adopting release in the Federal Register. The SEC noted that incident-specific disclosures will be required in Forms 8-K and 6-K beginning either 90 days after the final rule’s publication in the Federal Register or on December 18, whichever is later, though smaller reporting companies are provided an extra 180 days before they must begin providing such disclosures. Annual disclosures on cyber risk management, strategy, and governance will be required in Form 10-K and Form 20-F reports starting with annual reports for fiscal years ending on or after December 15. In terms of structured data requirements, all companies must tag disclosures in the required format beginning one year after initial compliance with the related disclosure requirement.

    SEC Chair Gary Gensler commented that, in response to public comments received on the proposed rule, the final rule “streamlines required disclosures for both periodic and incident reporting” and requires companies “to disclose only an incident’s material impacts, nature, scope, and timing, whereas the proposal would have required additional details, not explicitly limited by materiality.”

    In voting against the final rule, Commissioner Hester M. Pierce raised concerns that the final rule’s compliance timelines are overly aggressive even for large companies and that the short incident disclosure period could potentially mislead otherwise uninformed investors and “lead to disclosures that are ‘tentative and unclear, resulting in false positives and mispricing in the market.’” The final rule allows a company to update its incident disclosure with new information in subsequent reports that was unavailable at first and could impact investors who may suffer a loss due to the mispricing of the company’s securities following the initial reporting, Pierce said. She also criticized the risk to national security or public safety exemption as being overly narrow. Commissioner Mark Uyeda also opposed the adoption, writing that “[n]o other Form 8-K event requires such broad forward-looking disclosure that needs to be constantly assessed for a potential amendment.” Uyeda also questioned whether “[p]remature public disclosure of a cybersecurity incident at one company could result in uncertainty of vulnerabilities at other companies, especially if it involves a commonly used technology provider, [thus] resulting in widespread panic in the market and financial contagion.”

    Agency Rule-Making & Guidance Federal Issues Securities Privacy, Cyber Risk & Data Security SEC Data Breach Risk Management


Upcoming Events